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DETAILED ACTION 
Continued Examination Under 37 CFR LI 14 

1 . A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1,114, and the fee set forth in 37 CFR 1 . 1 7(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. Applicant's submission filed on 14 May 2007 has been entered. 

2. Claims 1-37 have been presented for examination. 

Response to Arguments 

3. Applicant's arguments with respect to the 35 U.S.C. 101 rejection of claims 1-36 have 
been considered but are moot in view of the new grounds of rejection. 

4. Applicant's arguments with respect to claims 1-37 have been considered but are moot in 
view of the new ground(s) of rejection. 

5. See further rejections that follow. 

Specification 

6. The specification is objected to as failing to provide proper antecedent basis for the 
claimed subject matter of claims 1-36, specifically the computer-readable medium. By not 
defining the term computer-readable medium, the Applicant has made it impossible to ascertain 
the intended scope of claims 1-36. See 37 CFR 1.75(d)(1) and MPEP § 608.01(o). Correction is 
required. 
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Claim Objections 

7. Claims 23 and 24 are objected to under 37 CFR 1 .75(c), as being of improper dependent 
form for failing to further limit the subject matter of a previous claim. Applicant is required to 
cancel the claim, or amend the claim to place the claim in proper dependent form, or rewrite the 
claim in independent form. 

Claim Rejections - 35 USC § 101 

8. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

9. Claims 1-36 are rejected under 35 U.S.C. 101 because the claimed invention is directed 
to non- statutory subject matter. Claims 1-36 require a computer readable medium, which, as 
noted above, has not been defined by the Specification. One of ordinary skill could reasonably 
construe that the computer-readable medium includes transmission media and carrier waves 
since the invention requires a transaction occurring on a network. The Office's current position 
is that claims involving signals encoded with functional descriptive material do not fall within 
any of the categories of patentable subject matter set forth in 35 U.S.C. § 101, and such claims 
are therefore ineligible for patent protection. See 1300 OG 142 (November 22, 2005) (in 
particular, see Annex IV(c)). 

Claim Rejections -35 USC §103 

10. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 
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11. Claims 1-9, 23-25, 28, 29, and 31-34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent No. 6,072,870 to Nguyen et al., hereinafter Nguyen, in view of 
U.S. Patent No. 6,327,578 to Linehan, hereinafter Linehan. 

12. As per claim 1, Nguyen teaches an apparatus for integrating a seller's Web site with a 
public key infrastructure, wherein: 

the public key infrastructure comprises a buyer computer (Figure 1C [block 186]) having 
a Web browser (Figure 1C [block 141]) adapted to invoke an interface to authenticate electronic 
messages (Figures 29, 33) and a seller's bank computer system (Figures IB and 3 [block 140]) 
. adapted to receive service requests from the seller and to respond to those requests (Figures IB 
[block 170], 3 [block 315]), and the seller's Web site comprises computer program instructions 
encoded on at least one computer-readable medium comprising: 

a filter adapted to redirect HTTP requests received from the Web browser (Figure 21 A 
[block 2102], column 70, lines 46-65); 

coupled to the filter, an Internet server application adapted to receive a redirected HTTP 
request and process the redirected HTTP requests (Figure 2 IB [block 2110], .column 70, lines 
46-65, column 71, lines 8-52); 

coupled to the Internet server application, a filter engine adapted to receive processed 
HTTP requests from the Internet server application (Figure 21 B [block 2124], column 70, lines 
46-65, column 71, lines 8-52) and to identify which HTTP requests require additional user 
authentication information, such as usernames and passwords (column 16, lines 7-15). 

13. Nguyen does not disclose wherein the interface includes a place to include a digital 
signature and wherein the authentication information includes digital signatures. 
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14. Linehan teaches the use of digital signatures as authentication information (column 7, 
lines 38-49). 

15. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to replace the username and password authentication information with the digital 
signature information disclosed by Linehan, since Linehan states at column 4, lines 5-9 that 
providing alternate authentication mechanisms results in a significant reduction in complexity, 
thereby improving the case of implementation and overall performance. 

16. Regarding claim 2, Nguyen discloses the filter engine is further adapted to identify HTTP 
requests that require accessing a service offered by the seller's bank and to formulate requests for 
the service (Figure 21 A [block 2102], column 70, lines 46-65); and 

the seller's web site further comprises, coupled to the filter engine, a bank interface 
adapted to receive request from the filter engine, reformat the requests, and transmit the request 
to the seller's bank (Figure 3 [blocks 310, 315], column 15, lines 51-63). 

1 7. With regards to claim 3, Nguyen teaches wherein the bank interface is further adapted to 
receive a service response to the request from the seller's bank and forward the response to the 
filter engine (Figure 3 [blocks 325, 320], column 15, lines 51-63). 



18. 



With regards to claim 4, Nguyen discloses certificate validation (column 71, lines 8-52). 
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19. Regarding claim 5, Nguyen teaches a Web server adapted to parse requests redirected by 
the filter (column 70, lines 46-65). 

20. Regarding claims 6 and 7, Linehan teaches wherein services provided by the seller's bank 
are provided within the context of a four-corner model (Figure 2A), and wherein the four-corner 
model comprises the buyer (Figure 2A [block 202]), the seller (Figure 2A [block 204]), the 
seller's bank (Figure 1 A [block 208]), and a buyer's bank (Figure 2 A [block 212]). 

21 . Regarding claim 8, Nguyen discloses wherein the filter is implemented using IS API 
(column 12, lines 28-65). 

22. Regarding claim 9, Nguyen teaches wherein the Internet service application is adapted to 
generate HTTP responses based on data received from the filter engine (Figure 21B [block 
2110], column 70, lines 46-65, column 71, lines 8-52). 

23. Regarding claim 23, Nguyen teaches wherein the filter engine determines whether an 
HTTP request contains data requiring authentication information, such as a username and 
password, by applying filtering rules (column 16, lines 7-15). Linehan teaches wherein the 
authentication information can be a buyer's digital signature. 

24. Regarding claim 24, Nguyen teaches wherein the filter engine is programmed to 
recognize each HTTP request that includes data requiring authentication information (column 16, 
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lines 7-15). Linehan teaches wherein the authentication information can be a buyer's digital 
signature. 

25. Regarding claim 25, Nguyen teaches wherein the filter engine is programmed to 
recognize HTTP requests transmitted by the Web browser that have been modified to include a 
special tag that indicates whether the request includes data that requires authentication 
information (column 16, lines 7-15). Linehan teaches wherein the authentication information can 
be a buyer's digital signature. 

26. Regarding claim 28, Nguyen teaches wherein the filter engine provides an abstracted 
front-end interface via an object oriented computer programming language remote method 
invocation (column 7, line 13 to column 8, line 8). 

27. Regarding claim 29, Nguyen teaches wherein the filter engine employs a rules class 
(column 9, line 66 to column 10, line 1 1). 

28. Regarding claim 31, Linehan teach wherein the bank interface is designed with a plug-in 
based architecture (column 9, line 3-28). 

29. Regarding claim 32, Linehan teaches wherein the bank interface supports an abstract 
front-end interface to allow communication via a plurality of middleware technologies (Figure 
2A [block 206]). 
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30. Regarding claims 33 and 34, Linehan teaches wherein the bank interface is adapted to 
create and transmit OCSP requests or some time of a certificate status check module (column 3, 
lines25-47). 

31. As per claim 37, Nguyen teaches an apparatus for integrating a seller's Web site with a 
public key infrastructure, said apparatus comprising: 

a Web server located at the seller's Web site (Figure 2 [block 130]); 

a Web application coupled to the Web server and also located at the seller's Web site, the 
Web application adapted to: 

identify which HTTP requests from a buyer require a authentication information of the 
buyer and which HTTP requests do not require authentication information of the buyer (column 
16, lines 7-15); 

create a Web page for transmission to a browser controlled by the buyer said Web page 
causing the browser to invoke an interface (Figures 29, 33) and comprising a smart card 
containing a private key associated with the buyer (column 89, line 52 to column 90, line 2); and 

identify which HTTP requests require a service provided by an entity other than the seller 
and which HTTP requests do not require a service provided by an entity other than the seller 
(Figure 21B [block 2124], column 70, lines 46-65, column 71, lines 8-52); and 

coupled to the- Web application and also located at the seller's Web site, an interface 
module adapted to receive from the Web application requests for service from entities other than 
the seller, to format and transmit the request, to receive a response to the request, and to forward 
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the response to the Web application (Figure 3 [blocks 310, 315, 325, 320], column 15, lines 51- 
63). 

32. Nguyen does not disclose wherein the interface includes a place to include a digital 
signature and wherein the authentication information includes digital signatures. 

33. Linehan teaches the use of digital signatures as authentication information (column 7, 
lines 38-49). 

34. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to replace the username and password authentication information with the digital 
signature information disclosed by Linehan, since Linehan states at column 4, lines 5-9 that 
providing alternate authentication mechanisms results in a significant reduction in complexity, 
thereby improving the case of implementation and overall performance. 

35. Claims 10-16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Nguyen in 
view of Linehan as applied above, and further in view of U.S. Patent No. 6,052,785 to Lin et al., 
hereinafter Lin. 

36. Regarding claim 10, Nguyen and Linehan do not teach wherein the Internet server 
application is adapted to pass a hash table to the filter engine. 

37. Lin teaches wherein the Internet server application is adapted to pass a hash table to the 
filter engine (Figure 3). 

38. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to have the server application pass a hash table to the filter engine, since Lin states at 
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column 8, lines 43-56 that including a hash table supports the flexibility of authentication, which 
aids in preventing fraudulent transactions. 

39. With regards to claims 11-16, Nguyen teaches wherein the hash table comprises the 
headers from the redirected HTTP request, the method of the redirected HTTP request, the 
content-type of the redirected HTTP request, the buyer computer's IP address, the actual data in 
the redirected HTTP request, or a unique session ID (Figure 32, column 8, line 51 to column 9, 
line 17). 

Allowable Subject Matter 

40. Claims 17-22, 26, 27, 30, 35 and 36 would be allowable if rewritten or amended to 
overcome the rejections under 35 U.S.C. 101, set forth in this Office action. 

Conclusion 

41 . The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

42. The following patents are cited to further show the state of the art with respect to ***, 
such as: 

United States Patent No. 6,889,325 to Sipman et al., which is cited to show a method for 
conducting a transaction that provides for an interface that requires a digital signature. 

United States Patent No. 6,71 5,080 to Starkovich, which is cited to show making 
variables obtained at a merchant's website available to a payment gateway. 

United States Patent No. 5,706,427 to Tabuki, which is cited to show a online transaction 
that requires a digital signature. 
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United States Patent No. 6,092,196 to Reiche, which is cited to show authenticating 
HTTP requests for online transactions. 

United States Patent No. 5,754,772 to Leaf, which is cited to show an HTTP server to 
transaction gateway. 

United States Patent No. 6,766,454 to Riggins, which is cited to show using an 
authentication applet to identify and authenticate a user in a computer network. 

43. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian La Fbrgia whose telephone number is (571) 272-3792. 
The examiner can normally be reached on Monday thru Thursday 7-5. 

44. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

45. Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Christian LaForgiay^f // — 
Patent Examiner/ ^ / — -y — - 

Art Unit 2131 ( ^^h^X^^A^^ 
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